Last updated: March 11, 2025

SCWE-022: Message Replay Vulnerabilities

Stable Version v0.0.1

This content is in the version-(v0.0.1) and still under active development, so it is subject to change any time (e.g. structure, IDs, content, URLs, etc.).

Send Feedback

Relationships

• CWE-294: Authentication Bypass by Capture-replay
  CWE-294 Link

Description

Message replay vulnerabilities occur when an attacker can reuse a valid message or transaction to perform unauthorized actions. This can lead to: - Unauthorized access to sensitive functions. - Loss of funds or data. - Exploitation of the contract's logic.

Remediation

• Use nonces: Include a unique nonce in each message to prevent reuse.
• Validate timestamps: Ensure messages are only valid for a limited time.
• Implement replay protection: Use established libraries or mechanisms to prevent replay attacks.

Examples

• Vulnerable to Replay Attacks

  pragma solidity ^0.8.0;
  
  contract ReplayVulnerable {
      function processMessage(bytes memory message) public {
          // Process message without replay protection
      }
  }
  

• Protected Against Replay Attacks

  pragma solidity ^0.8.0;
  
  contract ReplayProtected {
      mapping(bytes32 => bool) public usedMessages;
  
      function processMessage(bytes memory message, uint nonce, uint chainId) public {
          bytes32 messageHash = keccak256(abi.encodePacked(message, nonce, chainId));
          require(!usedMessages[messageHash], "Message already used");
          usedMessages[messageHash] = true;
          // Process message
      }
  }
  

---